Update orjson to 3.11.7 to address CVE-2025-67221

[aivong-openhands]

Summary

Updates orjson from 3.11.3 to 3.11.7 to address CVE-2025-67221.

Changes:

• Added orjson>=3.11.7 to constraint-dependencies in pyproject.toml to enforce the minimum secure version for this transitive dependency
• Updated uv.lock to resolve orjson version 3.11.7

This follows the established pattern in the codebase for handling security vulnerabilities in transitive dependencies (similar to starlette, aiohttp, urllib3, protobuf, and pillow).

Checklist

• If the PR is changing/adding functionality, are there tests to reflect this?
  • N/A - This is a dependency version bump for security, no new functionality
• If there is an example, have you run the example to make sure that it works?
  • N/A - No examples affected
• If there are instructions on how to run the code, have you followed the instructions and made sure that it works?
  • N/A - No runtime changes
• If the feature is significant enough to require documentation, is there a PR open on the OpenHands/docs repository with the same branch name?
  • N/A - Security update, no documentation needed
• Is the github CI passing?

---

Agent Server images for this PR

• GHCR package: https://github.com/OpenHands/agent-sdk/pkgs/container/agent-server

Variants & Base Images

Variant	Architectures	Base Image	Docs / Tags
java	amd64, arm64	eclipse-temurin:17-jdk	Link
python	amd64, arm64	nikolaik/python-nodejs:python3.12-nodejs22	Link
golang	amd64, arm64	golang:1.21-bookworm	Link

Pull (multi-arch manifest)

# Each variant is a multi-arch manifest supporting both amd64 and arm64
docker pull ghcr.io/openhands/agent-server:4293a0d-python

Run

docker run -it --rm \
  -p 8000:8000 \
  --name agent-server-4293a0d-python \
  ghcr.io/openhands/agent-server:4293a0d-python

All tags pushed for this build

ghcr.io/openhands/agent-server:4293a0d-golang-amd64
ghcr.io/openhands/agent-server:4293a0d-golang_tag_1.21-bookworm-amd64
ghcr.io/openhands/agent-server:4293a0d-golang-arm64
ghcr.io/openhands/agent-server:4293a0d-golang_tag_1.21-bookworm-arm64
ghcr.io/openhands/agent-server:4293a0d-java-amd64
ghcr.io/openhands/agent-server:4293a0d-eclipse-temurin_tag_17-jdk-amd64
ghcr.io/openhands/agent-server:4293a0d-java-arm64
ghcr.io/openhands/agent-server:4293a0d-eclipse-temurin_tag_17-jdk-arm64
ghcr.io/openhands/agent-server:4293a0d-python-amd64
ghcr.io/openhands/agent-server:4293a0d-nikolaik_s_python-nodejs_tag_python3.12-nodejs22-amd64
ghcr.io/openhands/agent-server:4293a0d-python-arm64
ghcr.io/openhands/agent-server:4293a0d-nikolaik_s_python-nodejs_tag_python3.12-nodejs22-arm64
ghcr.io/openhands/agent-server:4293a0d-golang
ghcr.io/openhands/agent-server:4293a0d-java
ghcr.io/openhands/agent-server:4293a0d-python

About Multi-Architecture Support

• Each variant tag (e.g., 4293a0d-python) is a multi-arch manifest supporting both amd64 and arm64
• Docker automatically pulls the correct architecture for your platform
• Individual architecture tags (e.g., 4293a0d-python-amd64) are also available if needed

[github-actions]

API breakage checks (Griffe)

Result: Failed

Log excerpt (first 1000 characters)

============================================================
Checking openhands-sdk (openhands.sdk)
============================================================
Comparing openhands-sdk 1.11.5 against 1.11.4
::notice title=openhands-sdk API::Ignoring Field metadata-only change (non-breaking): load_public_skills
::notice title=openhands-sdk API::Ignoring Field metadata-only change (non-breaking): temperature
::warning file=openhands-sdk/openhands/sdk/llm/llm.py,line=196,title=LLM.top_p::Attribute value was changed: `Field(default=1.0, ge=0, le=1)` -> `Field(default=None, ge=0, le=1, description='Nucleus sampling parameter. Defaults to None (uses provider default). Set to a value between 0 and 1 to control diversity of outputs.')`
::error title=SemVer::Breaking changes detected (1); require at least minor version bump from 1.11.x, but new is 1.11.5

============================================================
Checking openhands-workspace (openhands.workspace)
============================

Action log

[github-actions]

Agent server REST API breakage checks (OpenAPI)

Result: Passed

Action log

[all-hands-bot]

🟢 Good taste - Clean security fix.

This is exactly how it should be done: minimal change, follows existing pattern, addresses real CVE. Patch bump (3.11.3 → 3.11.7) carries negligible risk. Lock file updated correctly. LGTM! 🚀

[github-actions]

Coverage Report •

File	Stmts	Miss	Cover	Missing
TOTAL	20071	5439	72%

report-only-changed-files is enabled. No files were changed during this commit :)